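---
# CI pipeline: lint, CPU and GPU unit tests, integration tests, benchmarks,
# package build, security scans, and a final gate job (`ci-success`).
#
# Supply-chain note: actions are referenced by movable tags (`@v4`, `@v3`) and,
# for Trivy, a branch. Pinning third-party actions to a full commit SHA of a
# reviewed release keeps a retagged or compromised upstream from changing what
# runs here.
name: CI Pipeline

on:
  push:
    branches: [main, develop, 'claude/**']
  pull_request:
    branches: [main, develop]
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: read-only by default; jobs that need more
# (see `security`) widen it explicitly.
permissions:
  contents: read

env:
  PYTHON_VERSION: '3.10'
  # The `env` context cannot be used in `jobs.<job_id>.container.image`, so the
  # CUDA image tags below are written out literally. Keep them in sync with
  # this value.
  CUDA_VERSION: '12.0'
  # NOTE(review): only echoed by `ci-success`; no step in this workflow
  # enforces it (for example via pytest-cov's --cov-fail-under).
  MIN_COVERAGE: '80'

jobs:
  # ============================================================================
  # Code Quality and Linting
  # ============================================================================
  lint:
    name: Code Quality Checks
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # No visible step pushes or fetches afterwards, so do not leave the
          # token in .git/config for later steps to read.
          persist-credentials: false

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: 'pip'

      - name: Install linting dependencies
        run: |
          pip install --upgrade pip
          pip install black flake8 mypy isort pylint

      # Advisory: a formatting failure is reported but does not fail the job.
      - name: Run Black
        run: |
          black --check --diff src/ tests/
        continue-on-error: true

      # Advisory, same as Black.
      - name: Run isort
        run: |
          isort --check-only --diff src/ tests/
        continue-on-error: true

      # The first invocation is blocking (syntax errors and undefined names);
      # the second only prints statistics because of --exit-zero.
      - name: Run Flake8
        run: |
          flake8 src/ tests/ --count --select=E9,F63,F7,F82 --show-source --statistics
          flake8 src/ tests/ --count --exit-zero --max-complexity=15 --max-line-length=127 --statistics

      # Advisory: --exit-zero plus continue-on-error.
      - name: Run Pylint
        run: |
          pylint src/ --exit-zero --score=yes
        continue-on-error: true

  # ============================================================================
  # Unit Tests - CPU Only
  # ============================================================================
  test-cpu:
    name: Unit Tests (CPU)
    runs-on: ubuntu-latest
    strategy:
      matrix:
        # Quoted so that '3.10' is not parsed as the float 3.1.
        python-version: ['3.8', '3.9', '3.10', '3.11']
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}
          cache: 'pip'

      - name: Install system dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y \
            build-essential \
            cmake \
            libopencv-dev \
            libomp-dev \
            pybind11-dev

      - name: Install Python dependencies
        run: |
          pip install --upgrade pip setuptools wheel
          pip install -r requirements.txt
          pip install pytest pytest-cov pytest-xdist pytest-timeout pytest-mock
          pip install -e .[dev]

      - name: Run unit tests
        run: |
          pytest tests/ \
            -v \
            --cov=src \
            --cov-report=xml \
            --cov-report=term-missing \
            --ignore=tests/integration/ \
            --ignore=tests/benchmarks/ \
            -n auto \
            --timeout=300

      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v3
        with:
          file: ./coverage.xml
          flags: unittests-cpu
          name: codecov-cpu-py${{ matrix.python-version }}

  # ============================================================================
  # GPU Tests - CUDA Enabled
  # ============================================================================
  # NOTE(review): this job (like `integration-tests`) runs on self-hosted
  # runners and is triggered by pull_request, so code from a pull request is
  # built and executed on that hardware. If the repository accepts pull
  # requests from forks, require approval for outside contributors and use
  # ephemeral runners, or restrict these jobs to trusted events.
  test-gpu:
    name: Unit Tests (GPU)
    runs-on: [self-hosted, linux, gpu]
    container:
      # Literal tag: `${{ env.CUDA_VERSION }}` is rejected here because the
      # `env` context is not available for container.image.
      # NOTE(review): confirm this tag is published (CUDA image tags usually
      # carry a three-part version) and consider pinning the image by digest.
      image: nvidia/cuda:12.0-cudnn8-devel-ubuntu22.04
      options: --gpus all
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Install Python and system dependencies
        run: |
          apt-get update
          apt-get install -y \
            python3.10 \
            python3-pip \
            python3.10-dev \
            build-essential \
            cmake \
            git \
            libopencv-dev \
            libomp-dev \
            pybind11-dev \
            wget
          python3 --version
          pip3 --version

      - name: Verify CUDA installation
        run: |
          nvcc --version
          nvidia-smi

      - name: Install Python dependencies
        run: |
          pip3 install --upgrade pip setuptools wheel
          pip3 install -r requirements.txt
          pip3 install pytest pytest-cov pytest-xdist pytest-timeout pytest-mock
          pip3 install cupy-cuda12x pycuda
          pip3 install -e .[dev,cuda]

      - name: Build CUDA extensions
        run: |
          ./scripts/build.sh --verbose

      - name: Run GPU unit tests
        run: |
          pytest tests/ \
            -v \
            --cov=src \
            --cov-report=xml \
            --cov-report=term-missing \
            --ignore=tests/integration/ \
            --ignore=tests/benchmarks/ \
            -m "cuda or gpu" \
            --timeout=600

      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v3
        with:
          file: ./coverage.xml
          flags: unittests-gpu
          name: codecov-gpu

  # ============================================================================
  # Integration Tests
  # ============================================================================
  integration-tests:
    name: Integration Tests
    runs-on: [self-hosted, linux, gpu]
    needs: [test-cpu, test-gpu]
    container:
      # Literal tag; the `env` context is not available for container.image.
      image: nvidia/cuda:12.0-cudnn8-devel-ubuntu22.04
      options: --gpus all
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Install Python and system dependencies
        run: |
          apt-get update
          apt-get install -y \
            python3.10 \
            python3-pip \
            python3.10-dev \
            build-essential \
            cmake \
            git \
            libopencv-dev \
            libomp-dev \
            pybind11-dev

      - name: Install dependencies
        run: |
          pip3 install --upgrade pip setuptools wheel
          pip3 install -r requirements.txt
          pip3 install pytest pytest-cov pytest-timeout
          pip3 install cupy-cuda12x pycuda
          pip3 install -e .[dev,cuda,full]

      - name: Build project
        run: |
          ./scripts/build.sh

      - name: Run integration tests
        run: |
          ./scripts/run_tests.sh --integration

      # upload-artifact v3 has been retired on github.com; v4 is the supported
      # major version. Artifact names in this workflow are unique per run, as
      # v4 requires.
      - name: Upload integration test results
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: integration-test-results
          path: |
            tests/integration/results/
            coverage_integration.xml

  # ============================================================================
  # Code Coverage Report
  # ============================================================================
  coverage:
    name: Coverage Report
    runs-on: ubuntu-latest
    needs: [test-cpu, test-gpu, integration-tests]
    if: always()
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      # With no `name` input this fetches every artifact of the run into a
      # directory named after the artifact. Must match the upload-artifact
      # major version used elsewhere in this workflow.
      - name: Download coverage reports
        uses: actions/download-artifact@v4
        continue-on-error: true

      - name: Generate coverage badge
        run: |
          echo "Coverage reports downloaded"
          # Badge generation would go here

  # ============================================================================
  # Performance Benchmarks
  # ============================================================================
  benchmarks:
    name: Performance Benchmarks
    runs-on: [self-hosted, linux, gpu]
    needs: [test-gpu]
    # Push and manual runs only; pull_request runs never reach this job.
    if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
    container:
      # Literal tag; the `env` context is not available for container.image.
      image: nvidia/cuda:12.0-cudnn8-devel-ubuntu22.04
      options: --gpus all
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0  # Need full history for comparison
          persist-credentials: false

      - name: Install Python and system dependencies
        run: |
          apt-get update
          apt-get install -y \
            python3.10 \
            python3-pip \
            python3.10-dev \
            build-essential \
            cmake \
            git \
            libopencv-dev \
            libomp-dev \
            pybind11-dev

      - name: Install dependencies
        run: |
          pip3 install --upgrade pip setuptools wheel
          pip3 install -r requirements.txt
          pip3 install pytest pytest-benchmark matplotlib
          pip3 install cupy-cuda12x pycuda
          pip3 install -e .[dev,cuda,full]

      - name: Build project
        run: |
          ./scripts/build.sh --release

      - name: Run performance benchmarks
        run: |
          ./scripts/run_tests.sh --benchmark

      # Restores the baseline for this ref, falling back to the main baseline.
      - name: Download previous benchmark results
        uses: actions/cache@v3
        with:
          path: tests/benchmarks/benchmark_results/baseline.json
          key: benchmark-baseline-${{ github.ref }}
          restore-keys: |
            benchmark-baseline-main

      # NOTE(review): --fail-on-regression is neutralised by
      # continue-on-error, so a regression is reported but never fails the job.
      - name: Check for performance regression
        run: |
          python3 -m tests.benchmarks.compare_benchmarks \
            --baseline tests/benchmarks/benchmark_results/baseline.json \
            --current tests/benchmarks/benchmark_results/latest.json \
            --threshold 10.0 \
            --fail-on-regression
        continue-on-error: true

      - name: Upload benchmark results
        uses: actions/upload-artifact@v4
        with:
          name: benchmark-results
          path: |
            tests/benchmarks/benchmark_results/

      # NOTE(review): unreachable as written, because the job-level `if`
      # excludes pull_request events. If the job is ever opened to pull
      # requests, this step needs `pull-requests: write` on the job, and the
      # self-hosted runner exposure noted on `test-gpu` applies here as well.
      - name: Comment benchmark results on PR
        if: github.event_name == 'pull_request'
        uses: actions/github-script@v6
        with:
          script: |
            const fs = require('fs');
            const summary = fs.readFileSync('tests/benchmarks/benchmark_results/summary.txt', 'utf8');
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: '## Performance Benchmark Results\n\n```\n' + summary + '\n```'
            });

  # ============================================================================
  # Build Verification
  # ============================================================================
  build:
    name: Build Verification
    runs-on: ubuntu-latest
    needs: [lint]
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: 'pip'

      - name: Install system dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y \
            build-essential \
            cmake \
            libopencv-dev \
            libomp-dev \
            pybind11-dev

      - name: Install build dependencies
        run: |
          pip install --upgrade pip setuptools wheel build
          pip install -r requirements.txt

      - name: Build C++ extensions (CPU only)
        run: |
          python setup.py build_ext --inplace

      - name: Build Python package
        run: |
          python -m build

      - name: Upload build artifacts
        uses: actions/upload-artifact@v4
        with:
          name: python-package
          path: dist/

  # ============================================================================
  # Security Scanning
  # ============================================================================
  security:
    name: Security Scan
    runs-on: ubuntu-latest
    permissions:
      contents: read
      # Required by github/codeql-action/upload-sarif to publish results.
      security-events: write
      # upload-sarif reads workflow run metadata on private repositories.
      actions: read
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      # NOTE(review): `@master` is a mutable branch ref, so whatever lands on
      # that branch runs here with this job's token. Pin to the full commit
      # SHA of a reviewed release.
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          scan-ref: '.'
          format: 'sarif'
          output: 'trivy-results.sarif'

      - name: Upload Trivy results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'

      # Advisory: findings are written to the JSON report but do not fail the
      # job because of continue-on-error.
      - name: Run Bandit security linter
        run: |
          pip install bandit
          bandit -r src/ -f json -o bandit-results.json
        continue-on-error: true

      - name: Upload security scan results
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: security-scan-results
          path: |
            trivy-results.sarif
            bandit-results.json

  # ============================================================================
  # Final Status Check
  # ============================================================================
  # Gate job. `security` is listed in `needs`, so this job waits for it, but
  # its result is not part of the check below: a failed security scan does not
  # fail the gate. NOTE(review): confirm that is intended.
  ci-success:
    name: CI Success
    runs-on: ubuntu-latest
    needs: [lint, test-cpu, test-gpu, integration-tests, build, security]
    if: always()
    steps:
      - name: Check all jobs status
        run: |
          if [[ "${{ needs.lint.result }}" != "success" ]] || \
             [[ "${{ needs.test-cpu.result }}" != "success" ]] || \
             [[ "${{ needs.test-gpu.result }}" != "success" ]] || \
             [[ "${{ needs.integration-tests.result }}" != "success" ]] || \
             [[ "${{ needs.build.result }}" != "success" ]]; then
            echo "One or more required jobs failed"
            exit 1
          fi
          echo "All required jobs passed!"

      - name: Report coverage status
        run: |
          echo "Coverage threshold: ${{ env.MIN_COVERAGE }}%"
          echo "All tests completed successfully"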